Checklist for evaluating a logging solution

    In case you need to evaluate an access logging solution, the following check list may be helpful:

• Overall quality of logged data: Does it provide enough detail and completeness for all of my use cases?
• Is the solution fully integrated into the SAP environment?
• Are there sufficient options for setting up filters on any level (from very broad to very detailed)?
• Can I maintain users in an inclusion / exclusion list?
• What are the costs and efforts for installation, implementation and operations (TCO)?
• Does it contain extensive reporting capabilities?
• Are there APIs available for exporting log records (e.g. to file system, central server, data warehouse, …)?
• Is it a server based solution or does it require installations on each frontend?
• Can the logged data be secured against deletion and changes (digital signature)?
• Is it possible to add alerting functionality (generation of e-mails / reports, workflows etc.)?
• Does it allow a periodical deletion of logged data, e.g. older than half year?
• Are there dedicated authorizations for accessing the log reports and the log configuration?
• Is it assured that viewed data is always written to the log file, even in extreme situations (Loss of network connection, system / network shutdown etc.)?
• Is archiving possible?